AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 10/11/2019

Pinterest says AI reduced self-harm content on its platform by 88%

Yesterday, on international World Mental Health Day, Pinterest announced in a blogpost that for the past year, it’s been using machine learning techniques to identify and automatically hide content that displays, rationalizes, or encourages self-injury. Using this technology, the social networking company says it has achieved an 88 percent reduction in reports of self-harm content by users, and it’s now able to remove harmful content three times faster than ever before. 


Swedish firm gives Hong Kong protesters security keys amid police hacking fear 

A Swedish tech company renowned for encryption has donated hundreds of security keys to Hong Kong’s protest movement after an activist sought help in repelling police online. Yubico, set up in 2007, is best known for its signature invention Yubikey, which can be used for two-factor authentication for computers, networks and online accounts.Sherry Chan Yuen-yung said in a Facebook post that Yubico had sent her 500 of its Yubikey devices after she wrote to the company requesting support in upgrading demonstrators’ cybersecurity.


HiddenWasp and the Emergence of Linux-based Threats

Researchers at Intezer recently discovered an undetected malware targeting Linux systems. The malware—which the researchers named HiddenWasp—was enforcing advanced evasion techniques with the use of rootkits in order to avoid detection. HiddenWasp is a fully developed suite of malware that includes a trojan, rootkit and an initial deployment script. The malware is used for targeted attacks against victims who have already been infected. HiddenWasp has the ability to download and execute code, upload files and perform a variety of commands, for the sole purpose of gaining remote control over the infected system. This is different from common Linux malware, which perform distributed denial-of-service (DDoS) attacks or mine cryptocurrencies.


Bank of Ireland staff no longer willing to snitch on OneCoin crypto scam

Despite facing calls to testify against the OneCoin scam, Bank of Ireland (BoI) staff have now reportedly pulled back from helping court proceedings voluntarily. According to a court letter filed yesterday, seen by Finance Feeds, the US government is finding it increasingly difficult to secure voluntary testimonies from Deidre Ceannt, Derek Collins, Diane Sands, and Gregg Begley – the BoI’s staff involved in the case. It was initially thought the witnesses were willing to provide a voluntary account however, court documents say they will now only cooperate when it’s compulsory.


Human Rights Activist Allegedly Targeted With NSO Malware Says His Life Is ‘Hellish’

Hackers likely working for a government targeted two Moroccan human rights activists with malware made by the controversial Israeli surveillance vendor NSO Group, according to a new report by Amnesty International. In the report, researchers from Amnesty detail a series of attacks against Maati Monjib, a historian and journalist, and Abdessadak El Bouchattaoui, a lawyer who represented a group of protesters in Morocco. Since 2017, the two men received a series of text messages containing links that pointed to infrastructure previously attributed to NSO Group by Amnesty as well as the digital rights organization Citizen Lab. The researchers said that the links, if clicked, were designed to silently install NSO’s Pegasus spyware on the targets’ phones.

Related Posts